<?php
$prd = $_POST['product_name'];
$prq = $_POST['product_qt'];
$prw = $_POST['product_wrh'];
$count = 0;

$link = mysql_connect("10.250.12.102", "store_rw", "pcw2")
       or die("Il est impossible d'accéder en écriture à ce service ou la base demandée");

mysql_select_db('store') or die("Impossible de sélectionner la base de données");

$query = "SELECT COUNT(*) FROM products WHERE name='$prd'";
$result = mysql_query($query) or die('Échec de la requête : ' . mysql_error());
if ($result <= 0)
{
	$sql = "INSERT INTO products (name) VALUES ('$prd'); INSERT INTO stocks (warehouse, quantity) VALUES ('$prw', '$prq');";
	$result = mysql_query($sql) or die('Échec de la requête : ' . mysql_error());	
}
else
{
	$sql2 = "SELECT warehouse FROM stocks WHERE product_id = (SELECT product_id FROM products WHERE name = '$prd');";
	$result = mysql_query($sql2) or die('Échec de la requête : ' . mysql_error());	

	$arr = mysql_fetch_array($result);
	if ($arr[0] != $prw)
	{	
		echo "L'entrepot specifie n'est pas bon.";
		$count=1;		
	}
	else	
	{	
	$sql3 = "UPDATE stocks SET quantity=quantity+'$prq' WHERE product_id = (SELECT product_id FROM products WHERE name = '$prd');";
	$result = mysql_query($sql3) or die('Échec de la requête : ' . mysql_error());	
	}
}

mysql_free_result($result);
mysql_close($link);
if ($count == 0)
{
	header("location:admin.php"); 
}
?>